iPhones, Crime, and the Tension Between Privacy and Security: Should the Communications Assistance for Law Enforcement Act Be Amended?
36 Pages Posted: 30 Mar 2016 Last revised: 2 Sep 2016
Date Written: March 28, 2016
When the United States sought an order forcing Apple to write code that would break the iPhone password protection of one of the San Bernardino shooters, long-simmering questions of statutory interpretation, constitutional limitations, the privacy-security debate, and the architecture of the Internet were brought into relief. The government has found a way to break the phone without Apple’s help, but this has only delayed answers to these persistent, wide-ranging questions.
The short-term resolution of cases such as Apple’s will likely depend upon courts’ interpretation of the scope of the All Writs Act (AWA) in light of the Communications Assistance for Law Enforcement Act (CALEA). We believe that CALEA does not permit a court to issue the government’s requested order against Apple.
But law enforcement has legitimate investigatory needs that the AWA and CALEA hinder. Should, therefore, CALEA be amended? This is an important question because it goes to the very structure of both the Internet and the Internet of Things. For decades, society and the government have been debating the extent to which the government ought to shape and control digital activity. From the Clipper Chip in the 1990s and CARNIVORE in the early 2000s, to the questions of online surveillance and net neutrality today, the structure of the Internet and the Internet of Things has democratic, constitutional, public safety, public security, and business contours. On one level, the Apple case was about a few digits entered into one iPhone. But it also implicates multifaceted, large-scale structural questions.
Our paper takes the following route. In Part One, we brief the Apple case, including amici’s arguments, and place the case in the relevant context. In Part Two, we review the current reach and limitations of CALEA and consider how CALEA could be amended in light of law enforcement needs in the Apple case. In Part Three, we weigh the protection of personal privacy against the needs of law enforcement, as well as the diverging national security goals of fighting terrorism and protecting our digital infrastructure. We will also address the question whether it is too late anyway, as terrorists and other malfeasants increasingly use apps that leave no trace of earlier communications. Although a great deal of information is evanescent, the issue remains important for two reasons: people will still store valuable data on their smartphones, and they will use their phones as access points to cloud-stored data and Internet-equipped physical objects, such as home locks.
Finally, in Part Four, we consider the impact of any CALEA amendment upon the structure of the Internet. If the government can compel Apple to build code to access an iPhone, then it is only a small step to requiring that Internet backbone providers build code to defeat encryption on a wide variety of communicative platforms. This would gradually bring about a restructuring of the Internet as we know it, and compromise the business plans of many companies. Whether this is a price worth paying is hard to say.
Keywords: Apple, All Writs Act, CALEA, Encryption
Suggested Citation: Suggested Citation